Tapping in a computer password while chatting over Zoom could open the door to a cyber-attack, research suggests, after a study revealed artificial intelligence (AI) can work out which keys are being pressed by eavesdropping on the sound of the typing.
Experts say that as video conferencing tools such as Zoom have grown in use, and devices with built-in microphones have become ubiquitous, the threat of cyber-attacks based on sounds has also risen.
Now researchers say they have created a system that can work out which keys are being pressed on a laptop keyboard with more than 90% accuracy, just based on sound recordings.
To understand just how serious this threat is, a team of experts conducted an eye-opening experiment. They used a powerful laptop, a MacBook Pro 16-inch. They placed a small iPhone 13 Mini just 17cm away on a soft cloth to capture the sounds of the keyboard. They also used the laptop’s own recording function to catch the sounds.
All this recorded data was then used to teach a smart computer program driven by AI, how to understand the sounds of typing. Once trained, this AI was put to the test. It could successfully figure out what keys were being pressed with an astonishing accuracy of 95 per cent from the iPhone recording and 93 per cent from the laptop’s recording.
Since large language models such as ChatGPT are able to predict succeeding characters to complete words, scientists say passwords containing full words may be at greater risk.
Randomly generated fake keystrokes to transmitted audio was also found to reduce the risk of such password theft.
Using biometric password like fingerprint or face scanning instead typed ones can also help mitigate risk of such cyber attacks, researchers say.